BC-FIPS DRBG test result not matching NIST vectors #1799

Open
akxhw1996 opened this issue Aug 30, 2024 · 0 comments
akxhw1996 commented Aug 30, 2024

Hi, I am trying to use NIST ACVP vectors to test BC-FIPS version 1.0.2 for hashDRBG, and the result of my computation does not match the NIST vector's expected result. Is there any problem in the way I am calling the BC-FIPS API? Or am I missing something? Any comment is appreciated!

Vector example https://github.com/usnistgov/ACVP-Server/tree/master/gen-val/json-files/hashDRBG-1.0 testCaseId = 166:

{
	"tgId": 12,
	"testType": "AFT",
	"derFunc": false,
	"reSeed": true,
	"predResistance": false,
	"entropyInputLen": 800,
	"nonceLen": 160,
	"persoStringLen": 640,
	"additionalInputLen": 480,
	"returnedBitsLen": 4096,
	"mode": "SHA-1",
	"tests": [
		{
			"tcId": 166,
			"entropyInput": "8FF8CB3E0F06FD04356658F70BA1FE0C8E8474A45AA38849760E606D9B1C34ABDCBE0899D266DF0B33E9456612ECBCF97C913C9C0B79B897929DA4EF1131EE7BCD6AE4C89A7A9ECA20801E123B1AE71BFD729E8A980116C087A3147030FF8B52FC8181F9",
			"nonce": "9BC6D75B978F8FA1DDC875AE980FF51F67609DF9",
			"persoString": "4644ACC94FB73682064E1BEB3279D14AEA01215344C262565EACAF683F82882E8D4E493DB03F9F5E389A0DB845285D0566B46F6E75938890825C08EF166E1C140760148F7E38FE596F97E7CD52E4B367",
			"otherInput": [
				{
					"intendedUse": "reSeed",
					"additionalInput": "0FCCAD7E1536192246E571716DD86087F879A7B61C6ADEDC14AF116ACFCEC63F01A203DCFBD1E212A106BD32F9A3F167F70CBF95A8782312A8A94FF8",
					"entropyInput": "49BA2904186B145E3F5893B80E502E3F7D878564A85A25F9D2DEAA160143348F89F163D0463BB97F0799C21D059273538E2455DD39D9E9AC8B703FD1EA1CF80275994A82A3BD64D364BE3E9107B06912B09433FA45A928D473078DAB0F1E3E462BC9CD6F"
				},
				{
					"intendedUse": "generate",
					"additionalInput": "68ED9BE64AE45038A5ACCB2E38F39153E32B81D24A08AB3D3F9C5B112E969ADB50AC87E1CD8F352B7C74D8686BEAEA52541D8E41568D3DF0CE697680",
					"entropyInput": ""
				},
				{
					"intendedUse": "generate",
					"additionalInput": "07BA6B1A1BD49D213A3F3BA60ED5EF9D83EAFC4E64EB830695B99FBDA1585176C1F5F0ED0F2274944F7AAC0AA9A92AD0BD2DAB4DF742EFF7A77B3C90",
					"entropyInput": ""
				}
			]
		}
	]
}

My code:

import org.bouncycastle.crypto.fips.FipsDRBG;
import org.bouncycastle.crypto.fips.FipsSecureRandom;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.test.FixedEntropySourceProvider;

public class DrbgTest {
    public static void main(String[] args) {
        String entropyInput = "8FF8CB3E0F06FD04356658F70BA1FE0C8E8474A45AA38849760E606D9B1C34ABDCBE0899D266DF0B33E9456612ECBCF97C913C9C0B79B897929DA4EF1131EE7BCD6AE4C89A7A9ECA20801E123B1AE71BFD729E8A980116C087A3147030FF8B52FC8181F9"
            + "49BA2904186B145E3F5893B80E502E3F7D878564A85A25F9D2DEAA160143348F89F163D0463BB97F0799C21D059273538E2455DD39D9E9AC8B703FD1EA1CF80275994A82A3BD64D364BE3E9107B06912B09433FA45A928D473078DAB0F1E3E462BC9CD6F";
        String nonce = "9BC6D75B978F8FA1DDC875AE980FF51F67609DF9";
        String persoString = "4644ACC94FB73682064E1BEB3279D14AEA01215344C262565EACAF683F82882E8D4E493DB03F9F5E389A0DB845285D0566B46F6E75938890825C08EF166E1C140760148F7E38FE596F97E7CD52E4B367";
        String additionalInput1 = "0FCCAD7E1536192246E571716DD86087F879A7B61C6ADEDC14AF116ACFCEC63F01A203DCFBD1E212A106BD32F9A3F167F70CBF95A8782312A8A94FF8";
        String additionalInput2 = "68ED9BE64AE45038A5ACCB2E38F39153E32B81D24A08AB3D3F9C5B112E969ADB50AC87E1CD8F352B7C74D8686BEAEA52541D8E41568D3DF0CE697680";
        String additionalInput3 = "07BA6B1A1BD49D213A3F3BA60ED5EF9D83EAFC4E64EB830695B99FBDA1585176C1F5F0ED0F2274944F7AAC0AA9A92AD0BD2DAB4DF742EFF7A77B3C90";

        FixedEntropySourceProvider entropySource = new FixedEntropySourceProvider(Hex.decode(entropyInput), false);
        FipsSecureRandom random = FipsDRBG.SHA1.fromEntropySource(entropySource)
            .setSecurityStrength(112)
            .setEntropyBitsRequired(800)
            .setPersonalizationString(Hex.decode(persoString)).build(
                Hex.decode(nonce),
                false);
        byte[] bytes = new byte[4096 / 8];
        random.reseed(Hex.decode(additionalInput1));
        random.nextBytes(bytes, Hex.decode(additionalInput2));
        random.nextBytes(bytes, Hex.decode(additionalInput3));
        System.out.println(Hex.toHexString(bytes));
    }
}

My result:

NIST vector expected result:
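An independent cross-check for the mismatch reported above, added here as an example and not part of the original issue or of Bouncy Castle: a minimal SHA-1 Hash_DRBG written from NIST SP 800-90A (no prediction resistance, no reseed-interval checks), run over the tcId 166 inputs. The class and function names are hypothetical, and it assumes, as the posted Java code does, that the output of the second generate call is the value being compared.

```python
import hashlib

SEEDLEN = 55  # bytes: the 440-bit seedlen SP 800-90A assigns to SHA-1
MOD = 1 << (8 * SEEDLEN)

def hash_df(data, nbytes):
    """Hash_df: SHA-1(counter || requested bit length || data), counter from 1."""
    bits = (8 * nbytes).to_bytes(4, "big")
    return b"".join(hashlib.sha1(bytes([i + 1]) + bits + data).digest()
                    for i in range(-(-nbytes // 20)))[:nbytes]

class HashDrbgSha1:
    def __init__(self, entropy, nonce, perso=b""):
        self._seed(entropy + nonce + perso)
    def _seed(self, material):  # shared by instantiate and reseed
        v = hash_df(material, SEEDLEN)
        self.v = int.from_bytes(v, "big")
        self.c = int.from_bytes(hash_df(b"\x00" + v, SEEDLEN), "big")
        self.counter = 1
    def _v(self, offset=0):  # (V + offset) mod 2^seedlen, as seedlen bytes
        return ((self.v + offset) % MOD).to_bytes(SEEDLEN, "big")
    def reseed(self, entropy, additional=b""):
        self._seed(b"\x01" + self._v() + entropy + additional)
    def generate(self, nbytes, additional=b""):
        if additional:
            w = hashlib.sha1(b"\x02" + self._v() + additional).digest()
            self.v = (self.v + int.from_bytes(w, "big")) % MOD
        out = b"".join(hashlib.sha1(self._v(i)).digest()  # Hashgen: V, V+1, ...
                       for i in range(-(-nbytes // 20)))[:nbytes]
        h = hashlib.sha1(b"\x03" + self._v()).digest()
        self.v = (self.v + int.from_bytes(h, "big") + self.c + self.counter) % MOD
        self.counter += 1
        return out

# tcId 166 inputs, copied from the vector in the post above.
ENTROPY = bytes.fromhex("8FF8CB3E0F06FD04356658F70BA1FE0C8E8474A45AA38849760E606D9B1C34ABDCBE0899D266DF0B33E9456612ECBCF97C913C9C0B79B897929DA4EF1131EE7BCD6AE4C89A7A9ECA20801E123B1AE71BFD729E8A980116C087A3147030FF8B52FC8181F9")
NONCE = bytes.fromhex("9BC6D75B978F8FA1DDC875AE980FF51F67609DF9")
PERSO = bytes.fromhex("4644ACC94FB73682064E1BEB3279D14AEA01215344C262565EACAF683F82882E8D4E493DB03F9F5E389A0DB845285D0566B46F6E75938890825C08EF166E1C140760148F7E38FE596F97E7CD52E4B367")
RESEED_ENTROPY = bytes.fromhex("49BA2904186B145E3F5893B80E502E3F7D878564A85A25F9D2DEAA160143348F89F163D0463BB97F0799C21D059273538E2455DD39D9E9AC8B703FD1EA1CF80275994A82A3BD64D364BE3E9107B06912B09433FA45A928D473078DAB0F1E3E462BC9CD6F")
RESEED_ADDL = bytes.fromhex("0FCCAD7E1536192246E571716DD86087F879A7B61C6ADEDC14AF116ACFCEC63F01A203DCFBD1E212A106BD32F9A3F167F70CBF95A8782312A8A94FF8")
GEN_ADDL_1 = bytes.fromhex("68ED9BE64AE45038A5ACCB2E38F39153E32B81D24A08AB3D3F9C5B112E969ADB50AC87E1CD8F352B7C74D8686BEAEA52541D8E41568D3DF0CE697680")
GEN_ADDL_2 = bytes.fromhex("07BA6B1A1BD49D213A3F3BA60ED5EF9D83EAFC4E64EB830695B99FBDA1585176C1F5F0ED0F2274944F7AAC0AA9A92AD0BD2DAB4DF742EFF7A77B3C90")

def run_tc166():
    drbg = HashDrbgSha1(ENTROPY, NONCE, PERSO)
    drbg.reseed(RESEED_ENTROPY, RESEED_ADDL)
    drbg.generate(512, GEN_ADDL_1)  # assumption: first output is discarded
    return drbg.generate(512, GEN_ADDL_2)
```

Comparing `run_tc166().hex()` with the library's output and with the vector's expected value shows which of the two departs from the specification.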
